port forwarding and internet fqdn woes

Discussion in 'Tomato Firmware' started by arth, Apr 21, 2009.

  1. arth

    arth Addicted to LI Member

    Hi,

    I'm using tomato on a WRT54Gv1, bridged to my ADSL modem.

    My problem is that I can't seem to access a website by its FQDN, where the web server is on my internal network and a port 80 forward is set up.

    For example for my domain test.com: tomato is at 192.168.1.1. I have a web server on 192.168.1.2. There's a port 80 forward rule to 192.168.1.2.

    Externally, http://test.com works. Internally, http://test.com doesn't work, but http://192.168.1.2 does.

    I've tried enabling NAT Loopback on tomato to Forward only as well as Enabled, without success.

    What exactly is going on here?

    Thanks & regards,
    - Art
     
  2. fyellin

    fyellin LI Guru Member

    Interesting. This is supposed to work. I've got the flag set to "Forward Only" and it works just fine. I host several domain names on my web server, and I can see all of them from inside my network.

    Is there anything unusual about your httpd configuration?
     
  3. arth

    arth Addicted to LI Member

    No, the httpd is stock apache2, no customizations from the default settings...

    I suspect the bridged mode is causing issues rather than the web server itself.

    Thanks,
    - Art
     
  4. fyellin

    fyellin LI Guru Member

    Can you access the web site internally using your external IP address? And what do you mean by "bridged mode" here? Tomato is supposed to be able to handle this.
     
  5. arth

    arth Addicted to LI Member

    Hi fyellin,

    Yes, the external IP address does work internally, which is why I'm so confused!

    Regarding bridged mode, I mean that the internet connection comes in via my ADSL modem (SpeedTouch), which is bridged to the Tomato router (i.e., tomato handles all the firewall/routing while the modem handles the ADSL connection). According to the documentation for both, bridged mode isn't an issue, however I can't get external domains to resolve to their internet address... extremely annoying.

    Thanks & regards,
    - Art
     
  6. fyellin

    fyellin LI Guru Member

  7. arth

    arth Addicted to LI Member

    That's right.

    I can see google.com, everything bound for the internet works fine internally, everything addressed to the intranet works fine internally. However anything port forwarded will not work using the external address, internally.

    I can ping and resolve from all endpoints as well as on the router, which makes it even stranger...

    Any more ideas?

    Thanks & regards,
    - Art
     
  8. Toastman

    Toastman Super Moderator Staff Member Member

    I have the very same setup, and it works here fine. ADSL modem in bridge mode, PPPOE to a WRT54GL router. My web server using several domain names from dyndns.org all work inside or outside the LAN. Loopback setting is forward only. I didn't do anything special, it just worked. Presumably you do get a correct current IP from your DDNS server? I can only imagine a DNS issue, as fyellin has said.

    Not necessarily relevant to your situation, but if you forward a port to an AP so that you can access it remotely for maintenance, the AP must have its gateway set to the router, or you don't see a reply. But it does reply to pings from the router GUI. (For this reason, I haven't been able to remotely access APs from two routers on the same network, because only the one set as gateway on the AP will receive a response.) There may be a clue in there somewhere, because all points are able to ping each other, just as in your situation. Good luck!
     
  9. arth

    arth Addicted to LI Member

    Hi,

    I have a static IP address so dynamic DNS is not an issue... could this issue occur if both the ADSL modem and tomato have NAT Loopback enabled? I remember enabling it on my ADSL device previously.

    Regards,
    - Art
     
  10. Toastman

    Toastman Super Moderator Staff Member Member

    Okay, but are you sure that you have a correct entry in global DNS?

    I'm not an expert, but I believe when in bridged mode, any NAT settings on the modem (router) are ignored. If in doubt, turn it off.

    EDIT - re-reading the thread, all outside DNS resolves perfectly except for your own domain. I think the only possible explanation is that whoever issued your domain name did not register it for DNS. That is why I asked, does the name actually resolve into an IP address?
     
  11. arth

    arth Addicted to LI Member

    Hi,

    I'm definitely sure that it has the correct entry, considering that it works when accessing things externally by its FQDN, and that my public address is static.

    I may try to disable it on the ADSL modem and see what happens, thanks.

    - Art
     
  12. paped

    paped LI Guru Member

    I know that this may be going back a bit, but are you sure that your modem is in bridge mode? It's just that NAT and loopback settings on the modem have been talked about. However, if this is in bridge mode, this is all handled on the router; all that should be set (and in most cases the only options that should be available) is the VCI/VPI identifiers and the LAN IP, which is only used for accessing the admin page, not routing, in bridge mode. Thus the modem is basically a protocol converter; the login/WAN IP/routing/NAT loopback is all based in the router.

    One thing to check is on the DHCP/DNS server page: make sure the top tick box is ticked, which is to use the internal DNS cache/forwarder, as the NAT loopback, I believe, needs to use this rather than an external DNS server. Also set NAT loopback to "all", as "forward only" did not work for me initially (can't remember why), but the "all" setting got everything working.
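
An added example, not part of any post in this thread: a small Python check, meant to be run from a LAN client, that separates the three things the thread keeps testing by hand (what the name resolves to internally, whether the WAN address is reachable from the LAN through NAT loopback, and whether the server answers on its LAN address). The function names are hypothetical; `test.com` and `192.168.1.2` come from the first post, and the WAN address `203.0.113.10` in the usage comment is a constructed placeholder.

```python
import socket

def resolve(name):
    """IPv4 addresses the client's configured resolver returns for name."""
    try:
        infos = socket.getaddrinfo(name, 80, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def can_connect(ip, port=80, timeout=3.0):
    """True if a TCP handshake to ip:port completes within timeout."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

def diagnose(name, wan_ip, lan_ip, port=80, resolver=resolve, connector=can_connect):
    """Classify a failed 'internal access by FQDN' into DNS, loopback or server.

    resolver/connector are injectable so the logic can be checked offline.
    """
    answers = resolver(name)
    if not answers:
        return "dns: name does not resolve from the LAN"
    if wan_ip not in answers and lan_ip not in answers:
        # e.g. the router's own resolver answering with a local address
        return "dns: LAN resolver returned %s" % ", ".join(sorted(answers))
    if not connector(lan_ip, port):
        return "server: not reachable on its LAN address"
    if lan_ip in answers:
        return "ok: split DNS, name points straight at the server"
    if not connector(wan_ip, port):
        return "loopback: WAN address unreachable from the LAN"
    return "ok: name and loopback work at TCP level, check httpd virtual hosts"

# Usage from a LAN client (WAN address is a placeholder):
#   print(diagnose("test.com", "203.0.113.10", "192.168.1.2"))
```

Comparing the result with the router's internal DNS option switched on and off shows whether the resolver or the loopback rule is the part that changes.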
     
